Data Protection

General Data Protection Provisions pursuant to the European General Data Protection Regulation GDPR


Data Protection Declaration

How do we safeguard the privacy of your personal data (PD) at our company?

Dear Website Visitor:

Through the publication of this Data Protection Declaration we aim to brief you on how we warrant compliance of our handling of your personal data in accordance with the EU General Data Protection Regulation (abbreviated GDPR) at our company in general, transparent and easy-to-understand terms.

This Data Protection Declaration will share with you information as to which kind of personal data we collect, for which purposes we collect them and what we do with the personal data we have collected. Given that this is an important information for you, we encourage you to make time to read our Data Protection Declaration thoroughly.

  1. It is principally possible to use our website https://www.eltec.com without providing any personal data (such as your first and last names, etc.). However, if you (in the following also: the data subject) would like to use one of our services and/or order any products via our website, it may be necessary to share such personal data.

    If we have to process your personal data, e.g. for the following purposes:

    to process an inquiry / reservation / newsletter subscription / registration

    we will principally obtain your consent to the processing of your personal data pursuant to Article 6, Paragraph 1, Sentence 1, lit. a. GDPR.

    As an alternative, you also have the option to contact us via telephone. We shall always process your data in compliance with the EU General Data Protection Regulation. Our legal basis for data processing is Article 6, Paragraph 1, Sentence 1, lit. f GDPR. The legitimate interest of the data controller (our company) arises from the abovementioned purposes.


  2. Collection of General Data (Log Files)

    a) When anyone accesses our website, information is automatically sent to the server of our website. This information is temporarily stored in a so-called "log file". The following information is collected automatically without you having to do anything and stored until it is automatically erased:

    -  the Internet Protocol Address (IP address) of the accessing computer;
    - access date and time;
    - name and URL of the accessed file;
    - the previously visited website (so-called "referrer website");
    - utilized browser and, if applicable, the operating system of your computer;
    - the name of your Internet service provider;
      as well as
    - any similar data and information that has the capability of assisting us with the defense against attacks of our information technology systems.

    b) We process the data specified under section 2 a) for the following purposest:

    -  to warrant the smooth establishment of connections with the website;
    - to guarantee the convenience of use of our website;
    - to analyze the security and stability of our system;
      as well as
    - for further administrative purposes.

    Our legal basis for this type of data processing is Article 6, Paragraph 1, Sentence 1, lit. f GDPR. Our legitimate interest arises from the purposes of data collection specified under section 2 b). Under no circumstances shall we use the data we collect for the purpose of arriving at conclusions as far as you as a person is concerned.


  3. Collection and Archiving of Personal Data; Type and Purpose of Data Utilization

    a) Subscription to our Newsletter

    The data subject (you) will be able to receive our Newsletter only if the data subject has expressly consented to the Newsletter registration pursuant to Article 6, Paragraph 1, Sentence 1, lit. a GDPR. The e-mail collected in conjunction with this is used to send a confirmation e-mail to the data subject as required by law. The purpose of this confirmation e-mail is to verify the identity of the data subject.

    We also store the IP address of the data subject at the time the data subject registers, along with the data and time of registration. The collection of this data is necessary to be able to track the (potential) misuse of the e-mail address of a data subject in the future and it is used as evidence for legal purposes (burden of proof).

    It is always possible to unsubscribed from the Newsletter, for instance by using the link that appears at the end of every Newsletter. As an alternative, you may also send a request to unsubscribe to the following e-mail address at any time: info@eltec.com.

    b) Support requests submitted to our Ticket Center

    You have the option to register via our embedded Ticket Center and submit any kind of support request. To do so, you will have to provide a valid e-mail address, so that we can identify the source of the request and respond. Other information, such as your title and name, is also required. We process your data submitted for the purpose of contacting us pursuant to Article 6, Paragraph 1, Sentence 1, lit. a GDPR based on your voluntary consent.

    c) Use of the Download Center via our website

    You have the option to register via our embedded Download Center so that you can download manuals, drivers and other documentation. To do so, you will have to provide a valid e-mail address, so that we can identify the source of the request and respond. Other information, such as your title, name, and company is also required. We process your data submitted for the purpose of contacting us pursuant to Article 6, Paragraph 1, Sentence 1, lit. a GDPR based on your voluntary consent.

    d) Permission to process personal data

    Any time you consent to the processing of your personal data, you confirm that

    1. your consent is freely given, 2. you are informed, 3. your consent is clear and 4. you may revoke your consent (for future transactions).


  4. Sharing of Data

    We shall not transmit your personal data to any third parties for purposes other than those listed below. We shall share your personal data with third parties only:

    -  if you have given us your express consent pursuant to Article 6, Paragraph 1, Sentence 1, lit. a GDPR;
    - if the sharing is required to enforce claims pursuant to Article 6, Paragraph 1, Sentence 1, lit. f GDPR and provided there is no reason to presume that you have an overriding legitimate interest in your data not being shared;
    - if a statutory mandate to share applies pursuant to Article 6, Paragraph 1, Sentence 1, lit. c GDPR;
      and
    - if this is permitted by law and necessary to handle contractual relationships with you pursuant to Article 6, Paragraph 1, Sentence 1, lit. b GDPR.


  5. Rights of Access by the Data Subject (Access Rights of the Affected Party)

    Pursuant to Article 15 GDPR, you have the right to demand information about the processing of any of your personal data by us. In particular, you may demand information as to

    a) the purposes of processing your data;
    b) the categories of personal data we process;
    c) the categories of recipients to whom we have disclosed or will disclose your personal data;
    d) the envisaged period for which the personal data will be archived;
    e) the existence of your right to have your data rectified, erased, have its processing restricted or to object to such processing;
    f) the existence of your right to lodge a complaint with a supervisory authority;
    g) the source of your personal data if we did not collect your data in-house;
        as well as
    h) the existence of an automated decision-making tool, including profiling.

    Furthermore, the data subject is entitled to information as to whether personal data has been transmitted to a third country or an international organization. If this should be the case, the data subject also has the right to receive information about any appropriate safeguards in place in conjunction with the data transfer.

    If a data subject likes to exercise this right to information, the data subject may contact our Data Protection Officer or any other employee of the data controller responsible for the processing of the data; see section 18.


  6. Right to Data Rectification – Article 16 GDPR

    The data subject shall have the right to obtain from the data controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.


  7. Right to Erasure ("Right to be Forgotten") – Article 17 GDPR

    The data subject has the right to demand the erasure of any personal data we have archived, unless the processing is required for the fulfillment of a legal obligation, on the grounds of public interest or to establish, exercise or defend any legal claims.

    Your right to erasure comprises the following:

    a) The personal data is no longer required for the purposes for which they were collected or otherwise processed;
    b) The data subject revokes his/her consent to the processing of personal data pursuant to Article 6, Paragraph 1, Sentence 1, lit. a or Article 9, Paragraph 2, Sentence 1, lit. a GDPR and any other legal basis for the processing does not exist.
    c) The data subject objects to the processing of personal data pursuant to Article 21, Paragraph 2 GDPR and there are no overriding legitimate interests for the processing.
    d) The personal data was processed unlawfully.
    e) The erasure of the personal data is necessary in order to fulfill a legal obligation pursuant to European Union Law or the laws of any of the member states the data controller is subject to.
    f) The personal data was collected in reference to the offered services of the information society pursuant to Article 8, Paragraph 1 GDPR.


  8. Right to Restriction of Processing – Article 18 GDPR

    You have the right to demand the restriction of the processing of your personal data if you contest the accuracy of the personal data, if the processing of the data is unlawful but you refuse to have it erased though we no longer need the data, because you require the data to establish, exercise or defend any legal claims or if you have filed an objection to the processing of the data pursuant to Article 21 GDPR.


  9. Right to Data Portability – Article 20 GDPR

    You have the right to receive your personal data that you have provided to us, in a structured, commonly used and machine-readable format and to demand its transmission to a different data controller.


  10. Conditions for Consent – Article 7, Paragraph 3 GDPR

    The data subject has the right to revoke his/her consent at any time. The lawfulness of the processing of the data before the consent is revoked shall not be affected by the revocation. The data subject shall be notified of this prior to giving his/her consent. The revocation of consent must be as easy as giving consent. If you would like to exercise your right to revoke consent, you may simply send an e-mail to info@eltec.com.


  11. Right to Object – Article 21 GDPR

    If your personal data are being processed on the grounds of legitimate interests pursuant to Article 6, Paragraph 1, Sentence 1, lit. f GDPR, you have the right to object to the processing of your personal data pursuant to Article 21 GDPR, if reasons exist that arise from your personal situation or if the objection targets direct marketing purposes. In the latter case, you have a general right to object which shall be implemented by us without you providing a special situation as grounds. If you would like to exercise your right to object, you may simply send an e-mail to info@eltec.com.


  12. Right to Lodge a Complaint with a Supervisory Authority – Article 77 GDPR

    Without prejudice to any other administrative or court-based legal remedy, every data subject has the right to lodge a complaint with a supervisory authority, in particular, in the member state where the data subject is residing, working or where the alleged infringement has occurred, if the data subject is of the opinion that the processing of the personal data related to the data subject is in violation of this Regulation.

    As a rule, to do so, you may contact the supervisory authority at your usual place of residence or at your workplace.

    If a data subject wants to exercise his or her rights, the data subject may contact our Data Protection Officer or any other employee of the data controller responsible for the processing of personal data, see section 18.


  13. Security of Data Processing – Article 32 GDPR

    We have implemented comprehensive technical and organizational measures and security precautions to protect your personal data against unauthorized access or misuse. We review our security processes at regular intervals and update them to the latest state of the art. Our employees are trained in data protection and are required to maintain confidentiality and comply with the data protection regulations.

    To that end, our data protection principles aim at permanently safeguarding

    1. confidentiality
    2. integrity
    3. availability and security infringement resistance

    of the systems and services affiliated with the processing of data.


  14. Cookies

    To make our website user-friendly and to optimally tailor it to your needs, we use cookies on our websites. A cookie is a small text file that is stored locally on your notebook, tablet, smartphone, etc. However, this does not mean that we obtain direct knowledge of your identity as a result. For instance, we use so-called "session cookies", to be able to determine that you have already visited individual pages of our website. They are automatically erased from our website after you leave. Your browser also offers an option to erase cookies (e.g. by deleting the browser data). For additional information, please consult the operation manual of your browser. As a rule, you can also find specific settings for your Internet browser in the corresponding settings menu. The data processed by cookies are required for the purposes listed to protect our legitimate interests and those of third parties pursuant to Article 6, Paragraph 1, Sentence 1, lit. f GDPR.
    Every time our website is accessed, data concerning this transaction are archived in a log file. These data are not personal data, hence, we are not able to track which user has accessed which data. Specifically, the following data batch is archived every time the site is accessed:

    - name of the accessed file;
    - access date and time;
    - transmitted data volume;
    - information as to whether the access was successful.

    You also have the option to deactivate or manage cookies in your entire browser.

    https://support.google.com/accounts/answer/61416?hl=de 
    https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
    https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies#
    http://help.opera.com/Windows/10.00/en/cookies.html

  15. Used Analysis Tools

    We do not use any analysis tools or tracking methods.


  16. General Information about Social Media Plug-Ins

    On the basis of Article 6, Paragraph 1, Sentence 1, lit. f GDPR, we use social media plug-ins of the social networks YouTube and Google Maps on our website to promote our company's name recognition. The related promotional purposes are considered legitimate interests as defined in the GDPR. These social networks are under the exclusive operation of third party providers; some of which maintain their business domiciles outside of the EU. It is possible that third party providers do not offer data protection levels that would be adequate for you. These browser plug-ins and links can be identified on our website by logos or other alerts.

    a) Use of YouTube Plug-ins (Videos)

    On some of the pages of our website, we have embedded videos archived on YouTube. YouTube is a service of Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. We have activated the "expanded data protection mode" for all YouTube videos on our websites. YouTube provides this mode and, thus, assures users that YouTube will not store any cookies containing personal data on your computer. When accessing the website and for the purpose of embedding videos, the IP address is transmitted. However, it cannot be allocated to you unless you have logged into YouTube or another Google service prior to accessing the website or if you are permanently logged into these services.

    As soon as you click an embedded video to play it, thanks to the expanded data protection mode, YouTube will only store cookies on your computer that do not contain data that identify you personally. These cookies may also be prevented by respective browser settings and expansions. For more information about the embedding of YouTube videos, please visit the information site published by YouTube.

    b) Google Maps

    Our website uses the map service offered by Google Maps by means of an API. The provider is Google Inc., 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA. In order to be able to use the functions of Google Maps, the user's IP address must be archived. This information is usually sent to a Google server in the United States, where it is archived. The provider of this website does not have any control over this data transfer. Google Maps is a service offered in the interest to depict our website in an attractive manner and for customers to be able to easily navigate to any locations we disclose on our website. This establishes a legitimate interest as defined in Article 6, Paragraph 1, Sentence 1, lit. f GDPR. For more information as to how Google handles user data, please consult Google's Data Protection Declaration https://privacy.google.com/intl/en.

    c) Google Web Fonts

    Our website uses so-called web fonts provided by Google to uniformly display fonts. When you call up a site, your browser loads the required web fonts into your browser cache to display texts and fonts correctly. To do this, the browser you are using must connect to Google's servers. This gives Google knowledge that our website has been accessed via your IP address. The use of Google Web Fonts is in the interest of a uniform and appealing presentation of our online offers. This represents a legitimate interest pursuant to Article 6, Paragraph 1, Sentence 1, lit. f GDPR. If your browser does not support web fonts, your computer will use its default font. Further information about Google Web Fonts can be found at https://developers.google.com/fonts/faq and in Google's Data Protection Declaration https://privacy.google.com/intl/en.


  17. Existence of an Automated Decision-making Tool / Profiling

    As a responsible enterprise, we do not use tools such as automated decision-making tools or profiling.


  18. Name and Address of the Data Processing Controller

    The Data Processing Controller as defined in the GDPR is:

    ELTEC Elektronik AG
    Peter Albert
    Executive Board Director
    Galileo-Galilei-Str. 11
    55129 Mainz (Germany)

    Fon +49 6131 918 100
    Fax +49 6131 918 195
    E-Mail datenschutz@eltec.de
    Web www.eltec.com


    Our third party Data Protection Officer can be reached at the following address:

    EDV Sachverständigen- und Datenschutzbüro Michael J. Schüssler
    Kolpingstr. 3
    63739 Aschaffenburg (Germany)

    Fon +49 6021 439 18 45
    E-Mail info@svb-ms.de
    Web www.datenschutz4you-aschaffenburg.de 


  19. Competent Data Protection Authority

    The State Data Protection Officer and Officer for Freedom of Information of Rhineland-Palatinate:

    Der Landesbeauftragte für den Datenschutz und die Informationsfreiheit Rheinland-Pfalz
    Prof. Dr. Dieter Kugelmann
    Hintere Bleiche 34
    55116 Mainz (Germany)

    Fon +49 6131 208 24 49
    Fax +49 6131 208 24 97
    E-Mail poststelle@datenschutz.rlp.de
    Web www.datenschutz.rlp.de/de 


  20. Topicality and Modifications of this Data Protection Declaration

    This Data Protection Declaration is topical and effective as of May 2018.

    It may become necessary to make updates to this Data Protection Declaration due to the further development of our website and the products as well as the services offered or because changes in the law or government authority imposed mandates.